Phishing bots will always be a part of Steam. The only thing you can do to help stop the spread of them is to be mindful of what you click and where you go. Each failed attempt can save several potential victims. Keep in mind that phishing links are not usually a virus, they simply take you to a fake Steam login page where you will hand out your information willingly.

That being said you can protect yourself and others by:

-Thoroughly inspecting any random messages containing a link to another website. -Only trade via official channels such as Steam window trading and trade offers that are on your profile page.-Google the link someone sends you instead of going directly to it. Chances are if it is a bot, results will show others talking about it.-Never log into any website other than steamcommunity.com-Inspect any website claiming to be steamcommunity.com by looking for the Valve Corp. security certificate that is next to the link. (See below)

In addition to this information, Wise did some research and found an article here which may explain this latest occurrence of phishing. While I can not verify what the virus does (someone else may be willing to download it and inspect it), it is reasonable to assume that it is not hi-jacking accounts or stealing items. Regardless of what it is or is not doing, I strongly recommend that anyone who has been infected change their Steam password.

Looks like someone did decompile it and investigate. You can find information that is likely directly related to this here.

My guess on how it works, from what I read, it's a Trojan. When I find more out, I'll add to this. But my assumption is it adds a key logger to your computer logging every keystroke. I may be wrong, but as of now im unable to review everything.